CVE-2010-3729

HIGH

Description

The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers, which might allow remote attackers to execute arbitrary code via unspecified vectors.

References

http://code.google.com/p/chromium/issues/detail?id=55119

http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7380

Details

Source: MITRE

Published: 2010-10-05

Updated: 2020-08-03

Type: CWE-190

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Tenable Plugins

View all (3 total)

IDNameProductFamilySeverity
800902Google Chrome < 6.0.472.62 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
5669Google Chrome < 6.0.472.62 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
49285Google Chrome < 6.0.472.62 Multiple VulnerabilitiesNessusWindows
high